Organizations often deploy a variety of anti-malware and/or file-filtering technologies in order to prevent potentially malicious files from infecting or being installed on computing devices within the organizations. In one example, an organization may compile a blacklist that identifies malicious and/or untrusted files. In the event that a user within the organization attempts to access an untrusted file, an anti-malware program on the user's computing device may block or prevent the user from downloading and/or installing the file in response to identifying the file on the blacklist. In another example, an organization may compile a whitelist that identifies files allowed to be accessed within the organization.
Unfortunately, traditional methods for creating whitelists and blacklists may be inefficient, inconvenient, and/or unable to accurately determine whether a file is trusted or untrusted. For example, a conventional whitelisting technology may rely on receiving approval of files from specified managers and/or Information Technology (IT) administrators within an organization. In organizations that handle large numbers of new files, managers or administrators may be overburdened and unable to keep up with approving or denying each file requested by users within the organizations. As a result, individuals within an organization may be blocked from accessing legitimate, harmless, and/or important files (e.g., files created by members of the organization that are not recognized by traditional anti-malware programs). In addition, users within organizations may choose to disable anti-malware programs in the event that the programs are too disruptive and/or unreliable. Therefore, the instant disclosure identifies and addresses a need for improved systems and methods for determining the trustworthiness of files within organizations.